Hi Dave,
Thank you so much for your help.
Below is the output of dis -rl n_tty_read+0x58c
crash> dis -rl n_tty_read+0x58c
dis: line numbers are not available
0xffffffff811efe27 <n_tty_read>: push %rbp
0xffffffff811efe28 <n_tty_read+1>: mov %gs:0xb500,%rax
0xffffffff811efe31 <n_tty_read+10>: mov %rsp,%rbp
0xffffffff811efe34 <n_tty_read+13>: push %r15
0xffffffff811efe36 <n_tty_read+15>: push %r14
0xffffffff811efe38 <n_tty_read+17>: push %r13
0xffffffff811efe3a <n_tty_read+19>: mov %rdi,%r13
0xffffffff811efe3d <n_tty_read+22>: lea -0x70(%rbp),%rdi
0xffffffff811efe41 <n_tty_read+26>: push %r12
0xffffffff811efe43 <n_tty_read+28>: push %rbx
0xffffffff811efe44 <n_tty_read+29>: lea 0x490(%r13),%rbx
0xffffffff811efe4b <n_tty_read+36>: sub $0xe8,%rsp
0xffffffff811efe52 <n_tty_read+43>: mov %rax,-0x98(%rbp)
0xffffffff811efe59 <n_tty_read+50>: mov %rcx,-0x78(%rbp)
0xffffffff811efe5d <n_tty_read+54>: xor %eax,%eax
0xffffffff811efe5f <n_tty_read+56>: mov $0xa,%ecx
0xffffffff811efe64 <n_tty_read+61>: mov %rdx,-0xd8(%rbp)
0xffffffff811efe6b <n_tty_read+68>: mov %rsi,-0xd0(%rbp)
0xffffffff811efe72 <n_tty_read+75>: mov %rdx,-0x40(%rbp)
0xffffffff811efe76 <n_tty_read+79>: rep stos %eax,%es:(%rdi)
0xffffffff811efe78 <n_tty_read+81>: lea 0x1c0(%r13),%rax
0xffffffff811efe7f <n_tty_read+88>: lea 0x1c8(%r13),%rcx
0xffffffff811efe86 <n_tty_read+95>: mov %rbx,-0xc0(%rbp)
0xffffffff811efe8d <n_tty_read+102>: lea 0xd8(%r13),%rbx
0xffffffff811efe94 <n_tty_read+109>: movq
$0xffffffff81045f84,-0x60(%rbp)
0xffffffff811efe9c <n_tty_read+117>: movq $0x0,-0xa8(%rbp)
0xffffffff811efea7 <n_tty_read+128>: mov -0x98(%rbp),%rdx
0xffffffff811efeae <n_tty_read+135>: mov %rax,-0xc8(%rbp)
0xffffffff811efeb5 <n_tty_read+142>: mov -0x98(%rbp),%rax
0xffffffff811efebc <n_tty_read+149>: mov %rcx,-0x90(%rbp)
0xffffffff811efec3 <n_tty_read+156>: lea 0x51c(%r13),%rcx
0xffffffff811efeca <n_tty_read+163>: mov %rbx,-0x80(%rbp)
0xffffffff811efece <n_tty_read+167>: mov %rdx,-0x68(%rbp)
0xffffffff811efed2 <n_tty_read+171>: lea 0x268(%r13),%rdx
0xffffffff811efed9 <n_tty_read+178>: mov %rcx,-0xb8(%rbp)
0xffffffff811efee0 <n_tty_read+185>: mov %rax,-0xf8(%rbp)
0xffffffff811efee7 <n_tty_read+192>: mov %rax,-0x100(%rbp)
0xffffffff811efeee <n_tty_read+199>: mov %rdx,-0x88(%rbp)
0xffffffff811efef5 <n_tty_read+206>: mov %rax,-0x108(%rbp)
0xffffffff811efefc <n_tty_read+213>: mov %rax,-0x110(%rbp)
0xffffffff811eff03 <n_tty_read+220>: cmpq $0x0,0x250(%r13)
0xffffffff811eff0b <n_tty_read+228>: jne 0xffffffff811eff11
<n_tty_read+234>
0xffffffff811eff0d <n_tty_read+230>: ud2a
0xffffffff811eff0f <n_tty_read+232>: jmp 0xffffffff811eff0f
<n_tty_read+232>
0xffffffff811eff11 <n_tty_read+234>: mov -0xd0(%rbp),%rdx
0xffffffff811eff18 <n_tty_read+241>: mov 0x20(%rdx),%rax
0xffffffff811eff1c <n_tty_read+245>: cmpq
$0xffffffff811ed61f,0x18(%rax)
0xffffffff811eff24 <n_tty_read+253>: je 0xffffffff811effef
<n_tty_read+456>
0xffffffff811eff2a <n_tty_read+259>: mov -0xf8(%rbp),%rcx
0xffffffff811eff31 <n_tty_read+266>: mov 0x478(%rcx),%rax
0xffffffff811eff38 <n_tty_read+273>: cmp %r13,0x180(%rax)
0xffffffff811eff3f <n_tty_read+280>: jne 0xffffffff811effef
<n_tty_read+456>
0xffffffff811eff45 <n_tty_read+286>: mov 0xc8(%r13),%rdx
0xffffffff811eff4c <n_tty_read+293>: test %rdx,%rdx
0xffffffff811eff4f <n_tty_read+296>: jne 0xffffffff811eff64
<n_tty_read+317>
0xffffffff811eff51 <n_tty_read+298>: mov $0xffffffff8139c972,%rdi
0xffffffff811eff58 <n_tty_read+305>: xor %eax,%eax
0xffffffff811eff5a <n_tty_read+307>: callq 0xffffffff812d4abf
<printk>
0xffffffff811eff5f <n_tty_read+312>: jmpq 0xffffffff811effef
<n_tty_read+456>
0xffffffff811eff64 <n_tty_read+317>: mov -0xf8(%rbp),%rbx
0xffffffff811eff6b <n_tty_read+324>: mov 0x1e0(%rbx),%rax
0xffffffff811eff72 <n_tty_read+331>: cmp %rdx,0x238(%rax)
0xffffffff811eff79 <n_tty_read+338>: je 0xffffffff811effef
<n_tty_read+456>
0xffffffff811eff7b <n_tty_read+340>: mov -0x98(%rbp),%rax
0xffffffff811eff82 <n_tty_read+347>: testb $0x10,0x48a(%rax)
0xffffffff811eff89 <n_tty_read+354>: jne 0xffffffff811f0611
<n_tty_read+2026>
0xffffffff811eff8f <n_tty_read+360>: mov 0x480(%rax),%rax
0xffffffff811eff96 <n_tty_read+367>: cmpq $0x1,0x288(%rax)
0xffffffff811eff9e <n_tty_read+375>: jne 0xffffffff811f0604
<n_tty_read+2013>
0xffffffff811effa4 <n_tty_read+381>: jmpq 0xffffffff811f0611
<n_tty_read+2026>
0xffffffff811effa9 <n_tty_read+386>: mov -0x98(%rbp),%rcx
0xffffffff811effb0 <n_tty_read+393>: mov $0x1,%edx
0xffffffff811effb5 <n_tty_read+398>: mov $0x15,%esi
0xffffffff811effba <n_tty_read+403>: mov 0x1e0(%rcx),%rax
0xffffffff811effc1 <n_tty_read+410>: mov 0x238(%rax),%rdi
0xffffffff811effc8 <n_tty_read+417>: callq 0xffffffff8105953a
<kill_pgrp>
0xffffffff811effcd <n_tty_read+422>: mov %gs:0xb508,%rdx
0xffffffff811effd6 <n_tty_read+431>: lea -0x1fc8(%rdx),%rax
0xffffffff811effdd <n_tty_read+438>: lock orb $0x4,-0x1fc8(%rdx)
0xffffffff811effe5 <n_tty_read+446>: mov $0xfffffe00,%eax
0xffffffff811effea <n_tty_read+451>: jmpq 0xffffffff811f0616
<n_tty_read+2031>
0xffffffff811effef <n_tty_read+456>: testb $0x10,0x21c(%r13)
0xffffffff811efff7 <n_tty_read+464>: je 0xffffffff811f000f
<n_tty_read+488>
0xffffffff811efff9 <n_tty_read+466>: movl $0x0,-0xb0(%rbp)
0xffffffff811f0003 <n_tty_read+476>: movl $0x0,-0xac(%rbp)
0xffffffff811f000d <n_tty_read+486>: jmp 0xffffffff811f0076
<n_tty_read+591>
0xffffffff811f000f <n_tty_read+488>: mov 0x70(%r13),%rdx
0xffffffff811f0013 <n_tty_read+492>: movzbl 0x16(%rdx),%eax
0xffffffff811f0017 <n_tty_read+496>: imul $0x19,%eax,%eax
0xffffffff811f001a <n_tty_read+499>: mov %eax,-0xac(%rbp)
0xffffffff811f0020 <n_tty_read+505>: movzbl 0x17(%rdx),%edx
0xffffffff811f0024 <n_tty_read+509>: test %edx,%edx
0xffffffff811f0026 <n_tty_read+511>: mov %edx,-0xb0(%rbp)
0xffffffff811f002c <n_tty_read+517>: je 0xffffffff811f0082
<n_tty_read+603>
0xffffffff811f002e <n_tty_read+519>: test %eax,%eax
0xffffffff811f0030 <n_tty_read+521>: je 0xffffffff811f003e
<n_tty_read+535>
0xffffffff811f0032 <n_tty_read+523>: movw $0x1,0x21e(%r13)
0xffffffff811f003c <n_tty_read+533>: jmp 0xffffffff811f0076
<n_tty_read+591>
0xffffffff811f003e <n_tty_read+535>: mov -0x90(%rbp),%rbx
0xffffffff811f0045 <n_tty_read+542>: cmp %rbx,0x1c8(%r13)
0xffffffff811f004c <n_tty_read+549>: je 0xffffffff811f0068
<n_tty_read+577>
0xffffffff811f004e <n_tty_read+551>: movzwl 0x21e(%r13),%eax
0xffffffff811f0056 <n_tty_read+559>: mov $0x7fffffffffffffff,%r15
0xffffffff811f0060 <n_tty_read+569>: cmp -0xb0(%rbp),%eax
0xffffffff811f0066 <n_tty_read+575>: jle 0xffffffff811f00b7
<n_tty_read+656>
0xffffffff811f0068 <n_tty_read+577>: mov -0xb0(%rbp),%eax
0xffffffff811f006e <n_tty_read+583>: mov %ax,0x21e(%r13)
0xffffffff811f0076 <n_tty_read+591>: mov $0x7fffffffffffffff,%r15
0xffffffff811f0080 <n_tty_read+601>: jmp 0xffffffff811f00b7
<n_tty_read+656>
0xffffffff811f0082 <n_tty_read+603>: movslq -0xac(%rbp),%r15
0xffffffff811f0089 <n_tty_read+610>: cmpl $0x0,-0xac(%rbp)
0xffffffff811f0090 <n_tty_read+617>: mov $0x0,%eax
0xffffffff811f0095 <n_tty_read+622>: movw $0x1,0x21e(%r13)
0xffffffff811f009f <n_tty_read+632>: movl $0x1,-0xb0(%rbp)
0xffffffff811f00a9 <n_tty_read+642>: movl $0x0,-0xac(%rbp)
0xffffffff811f00b3 <n_tty_read+652>: cmove %rax,%r15
0xffffffff811f00b7 <n_tty_read+656>: mov -0xd0(%rbp),%rdx
0xffffffff811f00be <n_tty_read+663>: testb $0x8,0x39(%rdx)
0xffffffff811f00c2 <n_tty_read+667>: je 0xffffffff811f00e4
<n_tty_read+701>
0xffffffff811f00c4 <n_tty_read+669>: mov -0xc0(%rbp),%rdi
0xffffffff811f00cb <n_tty_read+676>: callq 0xffffffff812d5ec7
<mutex_trylock>
0xffffffff811f00d0 <n_tty_read+681>: test %eax,%eax
0xffffffff811f00d2 <n_tty_read+683>: jne 0xffffffff811f0104
<n_tty_read+733>
0xffffffff811f00d4 <n_tty_read+685>: movq
$0xfffffffffffffff5,-0xa8(%rbp)
0xffffffff811f00df <n_tty_read+696>: jmpq 0xffffffff811f05eb
<n_tty_read+1988>
0xffffffff811f00e4 <n_tty_read+701>: mov -0xc0(%rbp),%rdi
0xffffffff811f00eb <n_tty_read+708>: callq 0xffffffff812d6358
<mutex_lock_interruptible>
0xffffffff811f00f0 <n_tty_read+713>: test %eax,%eax
0xffffffff811f00f2 <n_tty_read+715>: je 0xffffffff811f0104
<n_tty_read+733>
0xffffffff811f00f4 <n_tty_read+717>: movq
$0xfffffffffffffe00,-0xa8(%rbp)
0xffffffff811f00ff <n_tty_read+728>: jmpq 0xffffffff811f05eb
<n_tty_read+1988>
0xffffffff811f0104 <n_tty_read+733>: mov 0xec(%r13),%al
0xffffffff811f010b <n_tty_read+740>: mov -0xc8(%rbp),%rdi
0xffffffff811f0112 <n_tty_read+747>: lea -0x70(%rbp),%rsi
0xffffffff811f0116 <n_tty_read+751>: shr $0x3,%al
0xffffffff811f0119 <n_tty_read+754>: mov %eax,%ecx
0xffffffff811f011b <n_tty_read+756>: and $0x1,%ecx
0xffffffff811f011e <n_tty_read+759>: mov %ecx,-0x9c(%rbp)
0xffffffff811f0124 <n_tty_read+765>: callq 0xffffffff8106201b
<add_wait_queue>
0xffffffff811f0129 <n_tty_read+770>: movslq -0xb0(%rbp),%rbx
0xffffffff811f0130 <n_tty_read+777>: movslq -0xac(%rbp),%rax
0xffffffff811f0137 <n_tty_read+784>: mov -0xd8(%rbp),%rdx
0xffffffff811f013e <n_tty_read+791>: inc %rdx
0xffffffff811f0141 <n_tty_read+794>: mov %rbx,-0xe0(%rbp)
0xffffffff811f0148 <n_tty_read+801>: mov %rax,-0xe8(%rbp)
0xffffffff811f014f <n_tty_read+808>: mov %rdx,-0xf0(%rbp)
0xffffffff811f0156 <n_tty_read+815>: jmpq 0xffffffff811f0522
<n_tty_read+1787>
0xffffffff811f015b <n_tty_read+820>: cmpl $0x0,-0x9c(%rbp)
0xffffffff811f0162 <n_tty_read+827>: je 0xffffffff811f01ef
<n_tty_read+968>
0xffffffff811f0168 <n_tty_read+833>: mov 0xf8(%r13),%rax
0xffffffff811f016f <n_tty_read+840>: cmpb $0x0,0xed(%rax)
0xffffffff811f0176 <n_tty_read+847>: je 0xffffffff811f01ef
<n_tty_read+968>
0xffffffff811f0178 <n_tty_read+849>: mov -0xd8(%rbp),%rcx
0xffffffff811f017f <n_tty_read+856>: cmp %rcx,-0x40(%rbp)
0xffffffff811f0183 <n_tty_read+860>: jne 0xffffffff811f052d
<n_tty_read+1798>
0xffffffff811f0189 <n_tty_read+866>: lea 0x68(%rax),%rdi
0xffffffff811f018d <n_tty_read+870>: callq 0xffffffff812d6fb8
<_spin_lock_irqsave>
0xffffffff811f0192 <n_tty_read+875>: mov 0xf8(%r13),%rdi
0xffffffff811f0199 <n_tty_read+882>: mov %rax,%rsi
0xffffffff811f019c <n_tty_read+885>: mov 0xed(%rdi),%bl
0xffffffff811f01a2 <n_tty_read+891>: movb $0x0,0xed(%rdi)
0xffffffff811f01a9 <n_tty_read+898>: add $0x68,%rdi
0xffffffff811f01ad <n_tty_read+902>: callq 0xffffffff812d70c1
<_spin_unlock_irqrestore>
0xffffffff811f01b2 <n_tty_read+907>: mov -0x40(%rbp),%r12
0xffffffff811f01b6 <n_tty_read+911>: lea -0x31(%rbp),%rsi
0xffffffff811f01ba <n_tty_read+915>: mov $0x1,%edx
0xffffffff811f01bf <n_tty_read+920>: mov %r13,%rdi
0xffffffff811f01c2 <n_tty_read+923>: mov %bl,-0x31(%rbp)
0xffffffff811f01c5 <n_tty_read+926>: lea 0x1(%r12),%rax
0xffffffff811f01ca <n_tty_read+931>: mov %rax,-0x40(%rbp)
0xffffffff811f01ce <n_tty_read+935>: callq 0xffffffff812008ac
<tty_audit_add_data>
0xffffffff811f01d3 <n_tty_read+940>: mov -0x31(%rbp),%al
0xffffffff811f01d6 <n_tty_read+943>: mov %r12,%rcx
0xffffffff811f01d9 <n_tty_read+946>: callq 0xffffffff811949a0
<__put_user_1>
0xffffffff811f01de <n_tty_read+951>: test %eax,%eax
0xffffffff811f01e0 <n_tty_read+953>: jne 0xffffffff811f043d
<n_tty_read+1558>
0xffffffff811f01e6 <n_tty_read+959>: decq -0x78(%rbp)
0xffffffff811f01ea <n_tty_read+963>: jmpq 0xffffffff811f052d
<n_tty_read+1798>
0xffffffff811f01ef <n_tty_read+968>: mov $0x1,%eax
0xffffffff811f01f4 <n_tty_read+973>: mov -0x100(%rbp),%rbx
0xffffffff811f01fb <n_tty_read+980>: xchg %rax,(%rbx)
0xffffffff811f01fe <n_tty_read+983>: mov -0x40(%rbp),%rcx
0xffffffff811f0202 <n_tty_read+987>: mov -0xd8(%rbp),%rax
0xffffffff811f0209 <n_tty_read+994>: mov -0xe0(%rbp),%rbx
0xffffffff811f0210 <n_tty_read+1001>: sub %rcx,%rax
0xffffffff811f0213 <n_tty_read+1004>: lea (%rax,%rbx,1),%rdx
0xffffffff811f0217 <n_tty_read+1008>: movzwl 0x21e(%r13),%eax
0xffffffff811f021f <n_tty_read+1016>: cmp %rax,%rdx
0xffffffff811f0222 <n_tty_read+1019>: jge 0xffffffff811f0240
<n_tty_read+1049>
0xffffffff811f0224 <n_tty_read+1021>: test %rdx,%rdx
0xffffffff811f0227 <n_tty_read+1024>: jle 0xffffffff811f0240
<n_tty_read+1049>
0xffffffff811f0229 <n_tty_read+1026>: mov -0xd8(%rbp),%eax
0xffffffff811f022f <n_tty_read+1032>: sub %cx,%ax
0xffffffff811f0232 <n_tty_read+1035>: add -0xb0(%rbp),%eax
0xffffffff811f0238 <n_tty_read+1041>: mov %ax,0x21e(%r13)
0xffffffff811f0240 <n_tty_read+1049>: mov %r13,%rdi
0xffffffff811f0243 <n_tty_read+1052>: callq 0xffffffff811f37f3
<tty_flush_to_ldisc>
0xffffffff811f0248 <n_tty_read+1057>: testb $0x10,0x21c(%r13)
0xffffffff811f0250 <n_tty_read+1065>: je 0xffffffff811f0261
<n_tty_read+1082>
0xffffffff811f0252 <n_tty_read+1067>: cmpl $0x0,0x478(%r13)
0xffffffff811f025a <n_tty_read+1075>: jne 0xffffffff811f026f
<n_tty_read+1096>
0xffffffff811f025c <n_tty_read+1077>: jmpq 0xffffffff811f0621
<n_tty_read+2042>
0xffffffff811f0261 <n_tty_read+1082>: cmpl $0x0,0x260(%r13)
0xffffffff811f0269 <n_tty_read+1090>: jle 0xffffffff811f0621
<n_tty_read+2042>
0xffffffff811f026f <n_tty_read+1096>: mov -0x110(%rbp),%rax
0xffffffff811f0276 <n_tty_read+1103>: movq $0x0,(%rax)
0xffffffff811f027d <n_tty_read+1110>: cmpl $0x0,-0x9c(%rbp)
0xffffffff811f0284 <n_tty_read+1117>: mov -0x40(%rbp),%rax
0xffffffff811f0288 <n_tty_read+1121>: je 0xffffffff811f0376
<n_tty_read+1359>
0xffffffff811f028e <n_tty_read+1127>: cmp -0xd8(%rbp),%rax
0xffffffff811f0295 <n_tty_read+1134>: jne 0xffffffff811f0376
<n_tty_read+1359>
0xffffffff811f029b <n_tty_read+1140>: jmpq 0xffffffff811f033b
<n_tty_read+1300>
0xffffffff811f02a0 <n_tty_read+1145>: mov -0xd0(%rbp),%rdi
0xffffffff811f02a7 <n_tty_read+1152>: callq 0xffffffff811eb980
<tty_hung_up_p>
0xffffffff811f02ac <n_tty_read+1157>: test %eax,%eax
0xffffffff811f02ae <n_tty_read+1159>: jne 0xffffffff811f052d
<n_tty_read+1798>
0xffffffff811f02b4 <n_tty_read+1165>: test %r15,%r15
0xffffffff811f02b7 <n_tty_read+1168>: je 0xffffffff811f052d
<n_tty_read+1798>
0xffffffff811f02bd <n_tty_read+1174>: mov -0xd0(%rbp),%rdx
0xffffffff811f02c4 <n_tty_read+1181>: testb $0x8,0x39(%rdx)
0xffffffff811f02c8 <n_tty_read+1185>: je 0xffffffff811f02da
<n_tty_read+1203>
0xffffffff811f02ca <n_tty_read+1187>: movq
$0xfffffffffffffff5,-0xa8(%rbp)
0xffffffff811f02d5 <n_tty_read+1198>: jmpq 0xffffffff811f052d
<n_tty_read+1798>
0xffffffff811f02da <n_tty_read+1203>: mov -0x108(%rbp),%rcx
0xffffffff811f02e1 <n_tty_read+1210>: mov 0x8(%rcx),%rax
0xffffffff811f02e5 <n_tty_read+1214>: testb $0x4,0x10(%rax)
0xffffffff811f02e9 <n_tty_read+1218>: je 0xffffffff811f02fb
<n_tty_read+1236>
0xffffffff811f02eb <n_tty_read+1220>: movq
$0xfffffffffffffe00,-0xa8(%rbp)
0xffffffff811f02f6 <n_tty_read+1231>: jmpq 0xffffffff811f052d
<n_tty_read+1798>
0xffffffff811f02fb <n_tty_read+1236>: mov $0xfff,%eax
0xffffffff811f0300 <n_tty_read+1241>: sub 0x260(%r13),%eax
0xffffffff811f0307 <n_tty_read+1248>: test %eax,%eax
0xffffffff811f0309 <n_tty_read+1250>: jg 0xffffffff811f0324
<n_tty_read+1277>
0xffffffff811f030b <n_tty_read+1252>: xor %eax,%eax
0xffffffff811f030d <n_tty_read+1254>: testb $0x10,0x21c(%r13)
0xffffffff811f0315 <n_tty_read+1262>: je 0xffffffff811f0324
<n_tty_read+1277>
0xffffffff811f0317 <n_tty_read+1264>: xor %eax,%eax
0xffffffff811f0319 <n_tty_read+1266>: cmpl $0x0,0x478(%r13)
0xffffffff811f0321 <n_tty_read+1274>: sete %al
0xffffffff811f0324 <n_tty_read+1277>: mov %r15,%rdi
0xffffffff811f0327 <n_tty_read+1280>: mov %eax,0xf0(%r13)
0xffffffff811f032e <n_tty_read+1287>: callq 0xffffffff812d5a02
<schedule_timeout>
0xffffffff811f0333 <n_tty_read+1292>: mov %rax,%r15
0xffffffff811f0336 <n_tty_read+1295>: jmpq 0xffffffff811f0522
<n_tty_read+1787>
0xffffffff811f033b <n_tty_read+1300>: mov -0xf0(%rbp),%rbx
0xffffffff811f0342 <n_tty_read+1307>: lea -0x31(%rbp),%rsi
0xffffffff811f0346 <n_tty_read+1311>: mov $0x1,%edx
0xffffffff811f034b <n_tty_read+1316>: mov %r13,%rdi
0xffffffff811f034e <n_tty_read+1319>: movb $0x0,-0x31(%rbp)
0xffffffff811f0352 <n_tty_read+1323>: mov %rbx,-0x40(%rbp)
0xffffffff811f0356 <n_tty_read+1327>: callq 0xffffffff812008ac
<tty_audit_add_data>
0xffffffff811f035b <n_tty_read+1332>: mov -0x31(%rbp),%al
0xffffffff811f035e <n_tty_read+1335>: mov -0xd8(%rbp),%rcx
0xffffffff811f0365 <n_tty_read+1342>: callq 0xffffffff811949a0
<__put_user_1>
0xffffffff811f036a <n_tty_read+1347>: test %eax,%eax
0xffffffff811f036c <n_tty_read+1349>: jne 0xffffffff811f043d
<n_tty_read+1558>
0xffffffff811f0372 <n_tty_read+1355>: decq -0x78(%rbp)
0xffffffff811f0376 <n_tty_read+1359>: testb $0x10,0x21c(%r13)
0xffffffff811f037e <n_tty_read+1367>: jne 0xffffffff811f0456
<n_tty_read+1583>
0xffffffff811f0384 <n_tty_read+1373>: jmpq 0xffffffff811f047a
<n_tty_read+1619>
0xffffffff811f0389 <n_tty_read+1378>: mov 0x25c(%r13),%eax
0xffffffff811f0390 <n_tty_read+1385>: mov -0x88(%rbp),%rbx
0xffffffff811f0397 <n_tty_read+1392>: lock btr %eax,(%rbx)
0xffffffff811f039b <n_tty_read+1396>: sbb %r14d,%r14d
0xffffffff811f039e <n_tty_read+1399>: movslq 0x25c(%r13),%rdx
0xffffffff811f03a5 <n_tty_read+1406>: mov 0x250(%r13),%rax
0xffffffff811f03ac <n_tty_read+1413>: mov -0xb8(%rbp),%rdi
0xffffffff811f03b3 <n_tty_read+1420>: movsbl (%rax,%rdx,1),%ebx
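Below is the output of the bt -a command in crash. The faulting task is telnet on CPU 1: at the exception RIP, n_tty_read+1420, RAX is 0 and RDX is 5, and the instruction at that address in the listing above reads (%rax,%rdx,1).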
bt -a
PID: 0 TASK: ffffffff814204b0 CPU: 0 COMMAND: "swapper"
#0 [ffff880033007e80] crash_nmi_callback at ffffffff8101fbc9
#1 [ffff880033007e90] notifier_call_chain at ffffffff81065893
#2 [ffff880033007ed0] atomic_notifier_call_chain at ffffffff810658dd
#3 [ffff880033007ee0] notify_die at ffffffff8106597f
#4 [ffff880033007f10] do_nmi at ffffffff8100dc5d
#5 [ffff880033007f50] nmi at ffffffff812d76b0
[exception RIP: mwait_idle+163]
RIP: ffffffff81013029 RSP: ffffffff813e3eb8 RFLAGS: 00000246
RAX: 0000000000000000 RBX: ffffffff813e3fd8 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff813e3fd8 RDI: ffffffff81522308
RBP: ffffffff813e3ec8 R8: 0000000000000000 R9: ffff88003306e290
R10: 0000000000012d80 R11: 0000000000000000 R12: ffffffff8147e368
R13: ffffffff814ccb30 R14: ffffffff814cdfa0 R15: ffffffff813e3fa8
ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018
--- <NMI exception stack> ---
#6 [ffffffff813e3eb8] mwait_idle at ffffffff81013029
#7 [ffffffff813e3ed0] cpu_idle at ffffffff8100af21
PID: 13366 TASK: ffff88031b60d580 CPU: 1 COMMAND: "telnet"
#0 [ffff88031ce759d0] machine_kexec at ffffffff81024486
#1 [ffff88031ce75a40] crash_kexec at ffffffff8107e230
#2 [ffff88031ce75b20] oops_end at ffffffff8100fa38
#3 [ffff88031ce75b50] no_context at ffffffff8102d801
#4 [ffff88031ce75ba0] __bad_area_nosemaphore at ffffffff8102d9c9
#5 [ffff88031ce75c70] bad_area at ffffffff8102da41
#6 [ffff88031ce75ca0] do_page_fault at ffffffff8102dd19
#7 [ffff88031ce75cf0] page_fault at ffffffff812d7425
[exception RIP: n_tty_read+1420]
RIP: ffffffff811f03b3 RSP: ffff88031ce75da8 RFLAGS: 00010246
RAX: 0000000000000000 RBX: ffff8802cbd54a68 RCX: 000000000061c044
RDX: 0000000000000005 RSI: ffff88031ce75e87 RDI: ffff8802cbd54d1c
RBP: ffff88031ce75eb8 R8: 0000000000000000 R9: 0000000000000000
R10: 0000000000616680 R11: 0000000000000246 R12: 000000000061c044
R13: ffff8802cbd54800 R14: 0000000000000000 R15: 7fffffffffffffff
ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018
#8 [ffff88031ce75ec0] tty_read at ffffffff811ebf7e
#9 [ffff88031ce75f10] vfs_read at ffffffff810ebcc8
#10 [ffff88031ce75f40] sys_read at ffffffff810ebe48
#11 [ffff88031ce75f80] system_call_fastpath at ffffffff8100bbc2
RIP: 00007ffff716b9e0 RSP: 00007fffffffdfc0 RFLAGS: 00010212
RAX: 0000000000000000 RBX: ffffffff8100bbc2 RCX: 0000000000000000
RDX: 0000000000001ff6 RSI: 000000000061c02a RDI: 0000000000000000
RBP: 0000000000001ff6 R8: 0000000000000000 R9: 0000000000000000
R10: 0000000000616680 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000001 R14: 000000000061c02a R15: 00000000006178a0
ORIG_RAX: 0000000000000000 CS: 0033 SS: 002b
PID: 0 TASK: ffff88031e0e3540 CPU: 2 COMMAND: "swapper"
#0 [ffff880033047e80] crash_nmi_callback at ffffffff8101fbc9
#1 [ffff880033047e90] notifier_call_chain at ffffffff81065893
#2 [ffff880033047ed0] atomic_notifier_call_chain at ffffffff810658dd
#3 [ffff880033047ee0] notify_die at ffffffff8106597f
#4 [ffff880033047f10] do_nmi at ffffffff8100dc5d
#5 [ffff880033047f50] nmi at ffffffff812d76b0
[exception RIP: mwait_idle+163]
RIP: ffffffff81013029 RSP: ffff88031e0e5ef8 RFLAGS: 00000246
RAX: 0000000000000000 RBX: ffff88031e0e5fd8 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffff88031e0e5fd8 RDI: ffffffff81522308
RBP: ffff88031e0e5f08 R8: 0000000000000000 R9: ffff88003302e290
R10: 0000000000012d80 R11: 0000000000000000 R12: ffffffff8147e368
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018
--- <NMI exception stack> ---
#6 [ffff88031e0e5ef8] mwait_idle at ffffffff81013029
#7 [ffff88031e0e5f10] cpu_idle at ffffffff8100af21
PID: 0 TASK: ffff88031e113580 CPU: 3 COMMAND: "swapper"
#0 [ffff880033067e80] crash_nmi_callback at ffffffff8101fbc9
#1 [ffff880033067e90] notifier_call_chain at ffffffff81065893
#2 [ffff880033067ed0] atomic_notifier_call_chain at ffffffff810658dd
#3 [ffff880033067ee0] notify_die at ffffffff8106597f
#4 [ffff880033067f10] do_nmi at ffffffff8100dc5d
#5 [ffff880033067f50] nmi at ffffffff812d76b0
[exception RIP: mwait_idle+163]
RIP: ffffffff81013029 RSP: ffff88031e115ef8 RFLAGS: 00000246
RAX: 0000000000000000 RBX: ffff88031e115fd8 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffff88031e115fd8 RDI: ffffffff81522308
RBP: ffff88031e115f08 R8: 0000000000000000 R9: 0000000000000000
R10: 0000000000000800 R11: 0000000000000000 R12: ffffffff8147e368
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018
--- <NMI exception stack> ---
#6 [ffff88031e115ef8] mwait_idle at ffffffff81013029
#7 [ffff88031e115f10] cpu_idle at ffffffff8100af21
Please let me know if you need any other details.
Thanks and Regards
Shashidhara
-----Original Message-----
From: crash-utility-bounces(a)redhat.com
[mailto:crash-utility-bounces@redhat.com] On Behalf Of Dave Anderson
Sent: Thursday, June 23, 2011 9:35 PM
To: Discussion list for crash utility usage,maintenance and development
Subject: Re: [Crash-utility] Unable to switch stack frames while using
crash
----- Original Message -----
BTW, are you sure about that?
Presuming that the "tty" pointer is ffff8802cbd54800 as you've shown below,
and therefore tty->read_buf is 0xffff8802cbfe6000 and tty->read_tail is 0,
then the statement above would simply be reading tty->read_buf[0], or
virtual address 0xffff8802cbfe6000. But the oops shows it faulting on a
virtual address of "5":
BUG: unable to handle kernel NULL pointer dereference at 0000000000000005
Just for my own sanity, can you either attach the "drivers/char/n_tty.c"
from *your* specific kernel, or get the source-code/line-number data
from
the embedded gdb module?
If you don't have the n_tty.c file readily available, you can get the
source-code/line-number data of a particular function by doing something
like this:
Get the line number of the beginning of n_tty_read(), which in my kernel
is at 1698 -- yours will probably be different:
crash> gdb list n_tty_read
1695 * This code must be sure never to sleep through a hangup.
1696 */
1697
1698 static ssize_t n_tty_read(struct tty_struct *tty, struct file
*file,
1699 unsigned char __user *buf, size_t nr)
1700 {
1701 unsigned char __user *b = buf;
1702 DECLARE_WAITQUEUE(wait, current);
1703 int c;
1704 int minimum, time;
crash>
Then get the line number of the next function in the file, which is
n_tty_write():
crash> gdb list n_tty_write
1918 * lock themselves)
1919 */
1920
1921 static ssize_t n_tty_write(struct tty_struct *tty, struct file
*file,
1922 const unsigned char *buf, size_t nr)
1923 {
1924 const unsigned char *b = buf;
1925 DECLARE_WAITQUEUE(wait, current);
1926 int c;
1927 ssize_t retval = 0;
And then dump the whole n_tty_read() function (plus some extra stuff):
crash> gdb list 1698,1920
1698 static ssize_t n_tty_read(struct tty_struct *tty, struct file
*file,
1699 unsigned char __user *buf, size_t nr)
1700 {
1701 unsigned char __user *b = buf;
1702 DECLARE_WAITQUEUE(wait, current);
1703 int c;
1704 int minimum, time;
1705 ssize_t retval = 0;
1706 ssize_t size;
1707 long timeout;
1708 unsigned long flags;
1709 int packet;
1710
1711 do_it_again:
1712
1713 BUG_ON(!tty->read_buf);
1714
1715 c = job_control(tty, file);
1716 if (c < 0)
1717 return c;
1718
1719 minimum = time = 0;
1720 timeout = MAX_SCHEDULE_TIMEOUT;
1721 if (!tty->icanon) {
1722 time = (HZ / 10) * TIME_CHAR(tty);
1723 minimum = MIN_CHAR(tty);
...
And lastly, since the crash occurred at
IP: [<ffffffff811f03b3>] n_tty_read+0x58c/0x818
Do this:
crash> dis -rl n_tty_read+0x58c
...
And then post all of that data.
Dave